58 Commits

Author SHA1 Message Date
Michele Giacomoli
b36707ba46 Fix comment style 2022-09-19 18:25:26 +02:00
Michele Giacomoli
acf50a4f98 Flush stdin after fingerprint confirmation 2022-09-19 18:09:38 +02:00
Matt Johnston
c93103746e dbclient print remote fingerprint with -v 2022-04-01 11:21:34 +08:00
Matt Johnston
33eba22966 Add fuzzer-client_nomaths, fix client fuzzer
--HG--
branch : fuzz
2020-10-18 15:08:54 +08:00
Vladislav Grishenko
413eaf1ba1
Allow DH to be completely disabled (#97)
Reduces binary size by ~2kB by default and by 21kB with no other
libtommath functions users, ex. with curve25519 kex and ed25519
key only.
2020-05-28 23:01:48 +08:00
Matt Johnston
701d43b859 send and handle SSH_MSG_EXT_INFO only at the correct point
- other fixes for rsa pubkey auth
- only include ext-info handling when rsa pubkey auth is compiled
2020-05-24 14:16:58 +08:00
Matt Johnston
5acee497bf ext-info handling for server-sig-algs
only client side is handled
2020-05-19 00:31:41 +08:00
Matt Johnston
7dc2f36c3e use sigtype where appropriate 2020-04-06 23:18:26 +08:00
Vladislav Grishenko
3d12521735
Add Ed25519 support (#91)
* Add support for Ed25519 as a public key type

Ed25519 is an elliptic curve signature scheme that offers
better security than ECDSA and DSA and good performance. It may be
used for both user and host keys.

OpenSSH key import and fuzzer are not supported yet.

Initially inspired by Peter Szabo.

* Add curve25519 and ed25519 fuzzers

* Add import and export of Ed25519 keys
2020-03-12 00:09:45 +08:00
Francois Perrad
89e64c631e Pointer parameter could be declared as pointing to const 2017-08-19 17:16:13 +02:00
Matt Johnston
32a28d0d9c Convert #ifdef to #if, other build changes 2016-05-04 15:33:40 +02:00
Matt Johnston
d6daad29fc options for disabling "normal" DH 2016-05-02 23:48:16 +02:00
Matt Johnston
3ccc36b3b7 Fix truncated type for getc() at confirmation prompt 2016-03-15 23:03:31 +08:00
Konstantin Tokarev
5ab562f695 Use dropbear_log instead of some fprintf's in client code. 2015-12-15 16:52:53 +03:00
Matt Johnston
1a4db21fe4 buf_getstring and buf_putstring now use non-unsigned char* 2015-06-04 23:08:50 +08:00
Gaël PORTAY
224b16b247 Fix pointer differ in signedness warnings [-Werror=pointer-sign] 2015-05-05 20:39:13 +02:00
Matt Johnston
55a0c5068f requirenext doesn't need two values 2014-01-23 22:25:52 +08:00
Matt Johnston
8128b15e41 Fix failing rekeying when we receive a still-in-flight packet 2014-01-23 21:56:35 +08:00
Matt Johnston
cbe63bbabe rename random.h to dbrandom.h since some OSes have a system random.h
--HG--
rename : random.c => dbrandom.c
rename : random.h => dbrandom.h
2013-11-14 22:05:47 +08:00
Matt Johnston
1e00d0b926 - Make curve25519 work after fixing a typo, interoperates with OpenSSH
- comment on ecc binary size effects

--HG--
branch : ecc
2013-11-09 00:02:26 +08:00
Matt Johnston
29b1455f36 Merge
--HG--
branch : ecc
2013-11-08 23:32:13 +08:00
Matt Johnston
0162c116da curve25519
--HG--
branch : ecc
2013-11-08 23:11:43 +08:00
Matt Johnston
58fe1c2d2a Add '-R' for delayed hostkey option
--HG--
branch : keyondemand
2013-11-07 23:49:37 +08:00
Matt Johnston
04518e9e80 merge in HEAD
--HG--
branch : ecc
2013-05-21 12:09:35 +08:00
Matt Johnston
ef151888fb requirenext fixup for firstkexfollows 2013-04-14 23:16:16 +08:00
Matt Johnston
3bdfae61a2 merge 2013-04-14 22:49:19 +08:00
Matt Johnston
4404126501 -y -y to disable hostkey checking
fix missing trailing space when passing arguments for multihop mode
From Hans Harder
2013-04-14 22:49:10 +08:00
Matt Johnston
4f07805d0a - Rename buf_put_ecc_pubkey_string() to buf_put_ecc_raw_pubkey_string()
- Reindent ecc.c properly

--HG--
branch : ecc
2013-04-08 23:56:31 +08:00
Matt Johnston
c6bdc810ab ecc kind of works, needs fixing/testing
--HG--
branch : ecc
2013-04-07 01:36:42 +08:00
Matt Johnston
7f42096d0f Take transmit and receive keys into use separately 2013-04-04 00:18:50 +08:00
Matt Johnston
78fbed8c3e Don't usually need to recalculate dh_e for the repeated kexdh_init packet
--HG--
branch : kexguess
2013-04-03 00:32:55 +08:00
Matt Johnston
e5072c6b12 merge from head roundtrip changes
--HG--
branch : kexguess
2013-04-01 00:13:41 +08:00
Matt Johnston
90cf7f012c Move the more verbose TRACE() statements into TRACE2() 2013-04-01 00:07:26 +08:00
Matt Johnston
4f62da0f0d first_kex_packet_follows working, needs tidying
--HG--
branch : kexguess
2013-03-29 20:44:13 +08:00
Matt Johnston
b4bcc60657 More changes for KEX and ECDH. Set up hash descriptors, make ECC code work,
ses.hash and ses.session_id are now buffers (doesn't compile)

--HG--
branch : ecc
2013-03-29 00:28:09 +08:00
Matt Johnston
74cad1612f more bits on ecc branch
--HG--
branch : ecc
2013-03-27 00:38:03 +08:00
Matt Johnston
73e22c115c refactor kexdh code a bit, start working on ecdh etc
--HG--
branch : ecc
2013-03-26 01:35:22 +08:00
Matt Johnston
c4861340e9 Fix a few compile warnings 2013-03-23 23:17:01 +08:00
Matt Johnston
f88bed7a30 Rearrange getaddrstring() etc
--HG--
extra : convert_revision : 8a18c4a60aeaec085923d13d98fa0f93c506ceba
2009-09-01 16:38:26 +00:00
Matt Johnston
d6441f4397 - Make -i and -W pass through multihop arguments
--HG--
extra : convert_revision : 70c64073c9ec07b4dfb54ee60e39cec2bd8c6910
2009-06-12 14:58:43 +00:00
Matt Johnston
0ffc17e481 Remove a newline from the kex prompt question, from FreeWRT
--HG--
extra : convert_revision : 98745fb712b04634b0682fe9ee0dc904ea528f10
2007-02-25 09:48:13 +00:00
Matt Johnston
c077f22fb4 Improve known_hosts checking.
--HG--
extra : convert_revision : b7933fa29cbedeb53b79a0b60aaa0f049e003cb2
2007-02-22 15:29:32 +00:00
Matt Johnston
cd0a08896c Add '-y' option to dbclient to accept the host key without checking
- patch from Luciano Miguel Ferreira Rocha.

--HG--
extra : convert_revision : 924b731b50d4147eed8e9382c98a2573259a6cad
2007-02-11 08:50:21 +00:00
Matt Johnston
4cb673b644 Fixes from Erik Hovland:
cli-authpubkey.c:
    fix leak of keybuf

cli-kex.c:
    fix leak of fingerprint fp

cli-service.c:
    remove commented out code

dropbearkey.c:
    don't attempt to free NULL key on failure

common-kex.c:
    only free key if it is initialised

keyimport.c:
    remove dead encrypted-key code
    don't leak a FILE* loading OpenSSH keys

rsa.c, dss.c:
    check return values for some libtommath functions

svr-kex.c:
    check return value retrieving DH kex mpint

svr-tcpfwd.c:
    fix null-dereference if remote tcp forward request fails

tcp-accept.c:
    don't incorrectly free the tcpinfo var

--HG--
extra : convert_revision : 640a55bc710cbaa6d212453c750026c770e19193
2006-07-07 09:17:18 +00:00
Matt Johnston
32af5c267e Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
file, so people can work around broken /etc/passwds.  Print
the full path in error messages.

--HG--
extra : convert_revision : d777688369ee21011625a3f1fe79ddbe3d5b5c93
2006-06-07 13:41:19 +00:00
Matt Johnston
c1b602145f don't fail fatally if the client can't get homedir from getpwuid(), fall back
to $HOME.

--HG--
extra : convert_revision : 279bd16a3e639764df14dce868fdeea7d6a0f317
2006-04-12 05:51:32 +00:00
Matt Johnston
b7dbb29e68 Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
will work with scp.

--HG--
extra : convert_revision : 1ec067604618a314ad36464920f08c7113d09aa3
2005-01-11 16:17:03 +00:00
Matt Johnston
8c1a429c44 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
--HG--
extra : convert_revision : d928bc851e32be7bd429bf7504b148c0e4bf7e2f
2005-01-02 20:25:56 +00:00
Matt Johnston
857dfdeb9e Fix if the first write fails
--HG--
extra : convert_revision : 5a12aa1aa66c9cfd5d0097acea235cd3cd7658ab
2004-08-24 07:22:36 +00:00
Matt Johnston
4a52217ed4 default initialisers for mp_ints
--HG--
extra : convert_revision : af69bacb50a31523e383e8f73844d04681f9e394
2004-08-17 10:20:20 +00:00